JaffaCakes118_0ca781bf9c59c4bb044fdcd82dc36e00

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_0ca781bf9c59c4bb044fdcd82dc36e00
Size

253KB
MD5

0ca781bf9c59c4bb044fdcd82dc36e00
SHA1

02a8fd99adb4964903f666231ac92817cf1c7ad2
SHA256

b06bb3f586c4e8786898fa36a066b38f2dbf1125438fa853878df242d9abed44
SHA512

23978ebe03f1d8b272790fd5318481cc180c8a3d76467ed474f0fdbab3d9d7800d4900c5d00d388e387f6e2205eaf607c244670c33c8fd37232c708bdfc80c20
SSDEEP

6144:v/b8F4wjz8yiQI0r3R4XA6+U37H9hBNiO31AFQ/1SKf:v/+49y7I0rmw6+SxFAqkQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_0ca781bf9c59c4bb044fdcd82dc36e00

Files

JaffaCakes118_0ca781bf9c59c4bb044fdcd82dc36e00
.exe windows:4 windows x86 arch:x86

229cf0e38f308cdd090556df8dc3e20b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysAllocString
VariantInit
VariantClear
VariantCopy
VariantChangeType
SysStringByteLen
SysFreeString
VarCmp

shlwapi

PathFileExistsW
PathRemoveBlanksW
PathAppendW
PathRemoveFileSpecW
SHDeleteKeyW
PathUnquoteSpacesW
SHDeleteEmptyKeyW

comctl32

ImageList_Create
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_AddMasked

esent

JetGetTableIndexInfo
JetRetrieveColumn
JetOpenDatabase
JetEndSession
JetMove
JetCloseTable
JetCloseDatabase
JetCommitTransaction
JetDetachDatabase
JetGetObjectInfo
JetSetIndexRange
JetGetTableColumnInfo
JetSetCurrentIndex
JetBeginTransaction
JetSeek
JetFreeBuffer
JetInit
JetOpenTable
JetAttachDatabase
JetGetInstanceInfo
JetBeginSession
JetCreateIndex
JetTerm
JetCreateInstance
JetSetSystemParameter
JetMakeKey

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance
CoIsOle1Class
CoDisconnectObject
CoCreateGuid
CoFreeLibrary
CoGetInstanceFromIStorage

advapi32

CryptGenRandom
GetSidSubAuthority
RegSetValueExW
GetUserNameW
FreeSid
GetAclInformation
CryptReleaseContext
AddAce
GetSidIdentifierAuthority
GetSidSubAuthorityCount
RegSetValueExA
GetLengthSid
AddAccessAllowedAce
RegDeleteValueW
CryptAcquireContextW
RegQueryValueExW
GetAce
RegCloseKey
InitializeSecurityDescriptor
LookupAccountNameW
SetNamedSecurityInfoW
RegEnumKeyExW
InitializeAcl
SetSecurityDescriptorSacl
AllocateAndInitializeSid
ConvertSidToStringSidW
RegEnumKeyW
GetSecurityDescriptorSacl
RegOpenKeyExW
RegEnumValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCreateKeyExW
RegDeleteKeyW
SetEntriesInAclW
GetNamedSecurityInfoW
SetSecurityDescriptorDacl
RegQueryInfoKeyW

user32

IsWindow
FindWindowExW
SendMessageW
SetWindowPos
GetClassLongW
GetSystemMetrics
GetWindowRect
MsgWaitForMultipleObjectsEx
DispatchMessageW
SetPropW
TranslateMessage
CallWindowProcW
RemovePropW
SetWindowLongW
LoadStringW
GetClassNameW
LoadImageW
PostMessageW
EnableWindow
GetWindowLongW
GetParent
GetPropW
GetDC
DestroyWindow
MsgWaitForMultipleObjects
KillTimer
SetTimer
ReleaseDC
PeekMessageW

kernel32

HeapAlloc
GetSystemTimeAsFileTime
HeapFree
CreateEventW
GlobalUnlock
FreeLibraryAndExitThread
WideCharToMultiByte
GetCurrentThreadId
OpenEventW
SetUnhandledExceptionFilter
DeleteCriticalSection
WaitForMultipleObjects
CreateFileMappingW
lstrcmpiW
VirtualProtect
CreateThread
FreeLibrary
GlobalFree
CreateMutexW
GlobalLock
GlobalAlloc
DeleteFileW
ExpandEnvironmentStringsW
MapViewOfFile
CloseHandle
LocalAlloc
GetFileSize
IsDebuggerPresent
UnhandledExceptionFilter
FindFirstFileW
GetTempFileNameW
WriteFile
lstrlenW
GetModuleHandleExW
UnmapViewOfFile
ResumeThread
ReadFile
FindNextFileW
ReleaseMutex
OpenFileMappingW
SetLastError
GlobalMemoryStatus
GetProcessHeap
EnterCriticalSection
LocalFree
lstrcpynW
GetModuleHandleW
CreateFileW
CreateDirectoryW
WaitForMultipleObjectsEx
ResetEvent
FindClose
TerminateThread
WaitForSingleObject
LeaveCriticalSection
VirtualQuery
OpenMutexW
GetSystemInfo
lstrlenA
OutputDebugStringW
VirtualAllocEx

shell32

SHGetFolderPathW

gdi32

DeleteObject
GetDeviceCaps

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

ddrawex

DllCanUnloadNow
DllRegisterServer
DllGetClassObject

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 219KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

229cf0e38f308cdd090556df8dc3e20b

Headers

File Characteristics

Imports

oleaut32

shlwapi

comctl32

esent

ole32

advapi32

user32

kernel32

shell32

gdi32

version

ddrawex

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 219KB - Virtual size: 222KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 219KB - Virtual size: 222KB

.rsrc
Size: 11KB - Virtual size: 11KB